CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8671
https://notcve.org/view.php?id=CVE-2016-8671
The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6887. La función pstm_exptmod en MatrixSSL 3.8.6 y versiones anteriores no realiza adecuadamente la exponenciación modular, lo que podría permitir a atacantes remotos predecir la clave secreta a través de vectores no especificados. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2016-6887. • http://www.openwall.com/lists/oss-security/2016/10/15/2 http://www.openwall.com/lists/oss-security/2016/10/15/8 http://www.securityfocus.com/bid/95439 https://blog.fuzzing-project.org/54-Update-on-MatrixSSL-miscalculation-CVE-2016-8671%2C-incomplete-fix-for-CVE-2016-6887.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6886
https://notcve.org/view.php?id=CVE-2016-6886
The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read and crash) via a (1) zero value or (2) the key's modulus for the secret key during RSA key exchange. La función pstm_reverse en MatrixSSL en versiones anteriores a 3.8.4 permite a atacantes remotos provocar una denegación de servicio (lectura de memoria no válida y caída) a través de un (1) valor cero o (2) los módulos de teclas para la clave secreta durante el intercambio de clave RSA. • http://www.matrixssl.org/blog/releases/matrixssl_3_8_4 http://www.securityfocus.com/bid/92604 https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html • CWE-320: Key Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6885
https://notcve.org/view.php?id=CVE-2016-6885
The pstm_exptmod function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid free and crash) via a base zero value for the modular exponentiation. La función pstm_exptmod en MatrixSSL en versiones anteriores a 3.8.4 permite a atacantes remotos provocar una denegación de servicio (liberación no válida y caída) a través de un valor base cero para la exponenciación modular. • http://www.matrixssl.org/blog/releases/matrixssl_3_8_4 https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6891
https://notcve.org/view.php?id=CVE-2016-6891
MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate. MatrixSSL en versiones anteriores a 3.8.6 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un ASN.1 Bit Field primitive manipulado en un certificado X.509. • http://www.securityfocus.com/bid/93498 http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/flawed-matrixssl-code-highlights-need-for-better-iot-update-practices https://github.com/matrixssl/matrixssl/blob/3-8-6-open/CHANGES.md https://www.kb.cert.org/vuls/id/396440 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 0CVE-2016-6890
https://notcve.org/view.php?id=CVE-2016-6890
Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate. Desbordamiento de búfer basado en memoria dinámica en MatrixSSL en versiones anteriores a 3.8.6 permite a atacantes remotos ejecutar código arbitrario a través de un Subject Alt Name manipulado en un certificado X.509. • http://www.securityfocus.com/bid/93498 http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/flawed-matrixssl-code-highlights-need-for-better-iot-update-practices https://github.com/matrixssl/matrixssl/blob/3-8-6-open/CHANGES.md https://www.kb.cert.org/vuls/id/396440 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •